Bochsの挙動のバックアップ(No.6)

Bochsの挙動

このページはBochsのI/Oポートの挙動やFDブートがどう実装されているのかを書くページです。

こめんとらん

booting from Floppy...でIPLに制御が行った後、Stoppedを表示してhltしてます。…が、FDアクセス中と思われる間、0x3F0～0x3F7にアクセスしていない…？ブートセクタだけは特殊な方法で読み書きしているってことなのでしょうか…。それとも0x100未満のI/Oアドレスを直接使ってるのか？ -- nika 2006/08/10 (木) 13:42:33
やっぱり、Bochs BIOSのソースを解析するか、int 19h～stoppedの間をステップ実行しながら全レジスタなどの挙動を確認する必要がありそうだ…。 -- nika 2006/08/10 (木) 13:46:05
どうやらソースではint #0x13を実行しているようだ。が…、int 13hをフックしても実行されている気配が無いのにbootできてしまう。int 13hは間違いなくCD 13(バイナリ)になっているはずなのに…。それとも、シングルステップ例外による検証がまずいだけなのか・・・。 -- nika 2006/08/11 (金) 11:03:35
あ、でもDOSEmulator(仮)で普通に実行したとき、"Boot from Floppy 0 failed"を表示する前に"int13_harddisk: function 02, ELDL out of range 00"が表示されているってことは、ちゃんとフロッピーディスクをアクセスするint 13hを実行しているってことか？ -- nika 2006/08/14 (月) 16:19:32
このページはint 13hでFDCをアクセスするようになったため、古いものとなりました(FDCの実装中に利用する可能性はありますが…)。 -- nika 2006/08/15 (火) 15:04:23
今頃気づいた。romscan時にint 13hをフックしようとしてもまだセットされてないｗ　だからこの時点でフックしてもむりぽ。…こんなことで解決が長引いたのかorz -- nika 2006/08/31 (木) 03:56:48

コメント	お名前	NameLink

Bochsで0x0100以降のポートとソフトウェア割り込みのトラップ

仕組み

bochsの拡張BIOS組み込み("optromimage=extbios.rom, address=0xD0000")を使用し、
ステップトラップ例外を発生させて、その中でオペコードEC～EF(in accum, dx/out dx,accum/int xxh)を
監視してBochsのデバッグ用ポートにechoしてログをとりました。
終了時はステップトラップ例外が発生したとき、CSの値が0x9000以下の時に停止します。

↓実際に組み込んで使用した拡張ROMBIOSはこちら。

atdebug.rom

(32KB,セグメントは0xC8000～0xD8000の中で2KB境界,int 1をフックします)
次の1行をbochsrc.txt等に加えると、自動的にBochs BIOSが組み込んでくれます。

optromimage1: file=atdebug.rom, address=0xd0000

この拡張ROMBIOSは、DOS Emulator(仮)には対応していません。
そもそもDOS Emulator(仮)は、シングルステップをサポートしてません。

トラップ終了時の画面

この結果は念のためboot: disk, cdrom, floppyとした結果です。

トラップ時のbochsrc.txt

# configuration file generated by Bochs
config_interface: textconfig
display_library: win32
megs: 32
romimage: file="bios.bin", address=0xf0000
vgaromimage: file="VGABIOS-lgpl-latest"
boot: disk, cdrom, floppy
floppya: 1_44="c:\test.hdm", status=inserted
# no floppyb
ata0: enabled=1, ioaddr1=0x1f0, ioaddr2=0x3f0, irq=14
ata1: enabled=0
ata2: enabled=0
ata3: enabled=0
optromimage1: file="e:\osask\nask\atdebug\atdebug.rom", address=0xd0000
parport1: enabled=1, file="parport.out"
parport2: enabled=0
com1: enabled=1, mode=null, dev=""
com2: enabled=0
com3: enabled=0
com4: enabled=0
i440fxsupport: enabled=0
usb1: enabled=0
sb16: enabled=1, midimode=1, midi=, wavemode=1, wave=, loglevel=1, log=, dmatimer=750000
floppy_bootsig_check: disabled=0
vga_update_interval: 250000
vga: extension=vbe
keyboard_serial_delay: 500
keyboard_paste_delay: 200000
floppy_command_delay: 3000
ips: 2000000
text_snapshot_check: 0
mouse: enabled=0
private_colormap: enabled=0
clock: sync=realtime, time0=local
ne2k: enabled=0
pnic: enabled=0
# no loader
log: bochsout.txt
logprefix: %t%e%d
debugger_log: -
panic: action=ask
error: action=report
info: action=report
debug: action=ignore
pass: action=fatal
keyboard_mapping: enabled=0, map=
keyboard_type: mf
user_shortcut: keys=none
# no cmosimage

トラップ終了時の全ログ

そのときのbochsout.txtのログ

bochsout.txt

ファイル形式

00000000000i[     ] Bochs x86 Emulator 2.2.pre3
00000000000i[     ]   Build from CVS snapshot on April 16, 2005
00000000000i[     ] System configuration
00000000000i[     ]   processors: 1
00000000000i[     ]   A20 line support: yes
00000000000i[     ]   APIC support: yes
00000000000i[     ] CPU configuration
00000000000i[     ]   level: 6
00000000000i[     ]   fpu support: yes
00000000000i[     ]   paging support: yes, tlb enabled: yes
00000000000i[     ]   mmx support: yes
00000000000i[     ]   sse support: 1
00000000000i[     ]   v8086 mode support: yes
00000000000i[     ]   3dnow! support: no
00000000000i[     ]   PAE support: yes
00000000000i[     ]   PGE support: yes
00000000000i[     ]   PSE support: yes
00000000000i[     ]   x86-64 support: no
00000000000i[     ]   SEP support: no
00000000000i[     ] Optimization configuration
00000000000i[     ]   Guest2HostTLB support: yes
00000000000i[     ]   RepeatSpeedups support: yes
00000000000i[     ]   Icache support: yes
00000000000i[     ]   Host Asm support: yes
00000000000i[     ]   Fast function calls: yes
00000000000i[MEM0 ] allocated memory at 01410020. after alignment, vector=01411000
00000000000i[MEM0 ] 32.00MB
00000000000i[MEM0 ] rom at 0xf0000/65536 ('bios.bin')
00000000000i[MEM0 ] rom at 0xc0000/32768 ('VGABIOS-lgpl-latest')
00000000000i[MEM0 ] rom at 0xd0000/32768 ('e:\osask\nask\atdebug\atdebug.rom')
00000000000i[APIC?] local apic in  initializing
00000000000i[APIC0] 80686
00000000000i[APIC0] local apic in CPU apicid=00 initializing
00000000000i[CMOS ] Using local time for initial clock
00000000000i[CMOS ] Setting initial clock to: Thu Aug 10 12:41:19 2006 (time0=1155181279)
00000000000i[DMA  ] channel 4 used by cascade
00000000000i[DMA  ] channel 2 used by Floppy Drive
00000000000i[FDD  ] fd0: 'c:\test.hdm' ro=0, h=2,t=80,spt=18
00000000000i[WGUI ] Number of Mouse Buttons = 3
00000000000i[WGUI ] IME disabled
00000000000i[CLVGA] VBE Bochs Display Extension Enabled
00000000000i[CLVGA] interval=250000
00000000000i[CLVGA] CL-GD5430 ISA initialized
00000000000i[VTIME] using 'realtime pit' synchronization method
00000000000i[     ] init_mem of 'harddrv' plugin device by virtual method
00000000000i[     ] init_mem of 'keyboard' plugin device by virtual method
00000000000i[     ] init_mem of 'serial' plugin device by virtual method
00000000000i[     ] init_mem of 'parallel' plugin device by virtual method
00000000000i[     ] init_mem of 'extfpuirq' plugin device by virtual method
00000000000i[     ] init_mem of 'gameport' plugin device by virtual method
00000000000i[     ] init_mem of 'speaker' plugin device by virtual method
00000000000i[     ] init_mem of 'sb16' plugin device by virtual method
00000000000i[     ] init_dev of 'harddrv' plugin device by virtual method
00000000000i[HD   ] Using boot sequence disk, cdrom, floppy
00000000000i[HD   ] Floppy boot signature check is enabled
00000000000i[     ] init_dev of 'keyboard' plugin device by virtual method
00000000000i[KBD  ] will paste characters every 2000 keyboard ticks
00000000000i[     ] init_dev of 'serial' plugin device by virtual method
00000000000i[SER  ] com1 at 0x03f8 irq 4
00000000000i[     ] init_dev of 'parallel' plugin device by virtual method
00000000000i[PAR  ] parallel port 1 at 0x0378 irq 7
00000000000i[     ] init_dev of 'extfpuirq' plugin device by virtual method
00000000000i[     ] init_dev of 'gameport' plugin device by virtual method
00000000000i[     ] init_dev of 'speaker' plugin device by virtual method
00000000000i[     ] init_dev of 'sb16' plugin device by virtual method
00000000000i[SB16 ] midi=1,E:\TEST.MID  wave=1,  log=1,sb16.log  dmatimer=750000
00000000000i[DMA  ] channel 1 used by SB16
00000000000i[     ] reset of 'harddrv' plugin device by virtual method
00000000000i[     ] reset of 'keyboard' plugin device by virtual method
00000000000i[     ] reset of 'serial' plugin device by virtual method
00000000000i[     ] reset of 'parallel' plugin device by virtual method
00000000000i[     ] reset of 'extfpuirq' plugin device by virtual method
00000000000i[     ] reset of 'gameport' plugin device by virtual method
00000000000i[     ] reset of 'speaker' plugin device by virtual method
00000000000i[     ] reset of 'sb16' plugin device by virtual method
00000003740i[BIOS ] $Revision: 1.160 $ $Date: 2006/01/25 17:51:49 $
00000319045i[KBD  ] reset-disable command received
00000428252i[VBIOS] VGABios $Id: vgabios.c,v 1.59 2004/07/18 20:22:43 vruppert Exp $

00000428322i[CLVGA] VBE known Display Interface b0c0
00000428354i[CLVGA] VBE known Display Interface b0c3
00000431279i[VBIOS] VBE Bios $Id: vbe.c,v 1.45 2004/07/22 18:37:29 vruppert Exp $
00000820708i[VBIOS] Interrupt Number: 10h. at F000:5FBh.
00000824377i[VBIOS] Interrupt Number: 10h. at F000:5FBh.
00000828046i[VBIOS] Interrupt Number: 10h. at F000:5FBh.
00000831715i[VBIOS] Interrupt Number: 10h. at F000:5FBh.
00000835384i[VBIOS] Interrupt Number: 10h. at F000:5FBh.
                 （途中省略します）
00001239055i[VBIOS] Interrupt Number: 10h. at F000:5FBh.
00001242695i[VBIOS] Interrupt Number: 10h. at F000:5FBh.
00001244673i[VBIOS] Interrupt Number: 10h. at F000:5FBh.
00001248247i[VBIOS] Interrupt Number: 10h. at F000:5FBh.
00001250225i[VBIOS] Interrupt Number: 10h. at F000:5FBh.
00001254467i[VBIOS] I/O [1byte write] Port:3F6 Value:A
00001388984i[VBIOS] I/O [1byte write] Port:3F6 Value:A
00001390505i[VBIOS] I/O [1byte write] Port:1F6 Value:A0
00001390526e[HD   ] device set to 0 which does not exist
00001391938i[VBIOS] I/O [1byte write] Port:1F2 Value:55
00001393344i[VBIOS] I/O [1byte write] Port:1F3 Value:AA
00001394779i[VBIOS] I/O [1byte write] Port:1F2 Value:AA
00001396183i[VBIOS] I/O [1byte write] Port:1F3 Value:55
00001397616i[VBIOS] I/O [1byte write] Port:1F2 Value:55
00001399022i[VBIOS] I/O [1byte write] Port:1F3 Value:AA
00001400293i[VBIOS] I/O [1byte read] Port:1F2 Value:0
00001401564i[VBIOS] I/O [1byte read] Port:1F3 Value:0
00001406161i[VBIOS] I/O [1byte write] Port:3F6 Value:A
00001407711i[VBIOS] I/O [1byte write] Port:1F6 Value:B0
00001407732e[HD   ] device set to 1 which does not exist
00001409144i[VBIOS] I/O [1byte write] Port:1F2 Value:55
00001410550i[VBIOS] I/O [1byte write] Port:1F3 Value:AA
00001411985i[VBIOS] I/O [1byte write] Port:1F2 Value:AA
00001413389i[VBIOS] I/O [1byte write] Port:1F3 Value:55
00001414822i[VBIOS] I/O [1byte write] Port:1F2 Value:55
00001416228i[VBIOS] I/O [1byte write] Port:1F3 Value:AA
00001417499i[VBIOS] I/O [1byte read] Port:1F2 Value:0
00001418770i[VBIOS] I/O [1byte read] Port:1F3 Value:0
00001423366i[VBIOS] I/O [1byte write] Port:376 Value:A
00001424886i[VBIOS] I/O [1byte write] Port:176 Value:A0
00001426318i[VBIOS] I/O [1byte write] Port:172 Value:55
00001427723i[VBIOS] I/O [1byte write] Port:173 Value:AA
00001429157i[VBIOS] I/O [1byte write] Port:172 Value:AA
00001430560i[VBIOS] I/O [1byte write] Port:173 Value:55
00001431992i[VBIOS] I/O [1byte write] Port:172 Value:55
00001433397i[VBIOS] I/O [1byte write] Port:173 Value:AA
00001434704i[VBIOS] I/O [1byte read] Port:172 Value:FF
00001436011i[VBIOS] I/O [1byte read] Port:173 Value:FF
00001440607i[VBIOS] I/O [1byte write] Port:376 Value:A
00001442156i[VBIOS] I/O [1byte write] Port:176 Value:B0
00001443588i[VBIOS] I/O [1byte write] Port:172 Value:55
00001444993i[VBIOS] I/O [1byte write] Port:173 Value:AA
00001446427i[VBIOS] I/O [1byte write] Port:172 Value:AA
00001447830i[VBIOS] I/O [1byte write] Port:173 Value:55
00001449262i[VBIOS] I/O [1byte write] Port:172 Value:55
00001450667i[VBIOS] I/O [1byte write] Port:173 Value:AA
00001451974i[VBIOS] I/O [1byte read] Port:172 Value:FF
00001453281i[VBIOS] I/O [1byte read] Port:173 Value:FF
00001457878i[VBIOS] I/O [1byte write] Port:3E6 Value:A
00001459400i[VBIOS] I/O [1byte write] Port:1EE Value:A0
00001460834i[VBIOS] I/O [1byte write] Port:1EA Value:55
00001462241i[VBIOS] I/O [1byte write] Port:1EB Value:AA
00001463677i[VBIOS] I/O [1byte write] Port:1EA Value:AA
00001465082i[VBIOS] I/O [1byte write] Port:1EB Value:55
00001466516i[VBIOS] I/O [1byte write] Port:1EA Value:55
00001467923i[VBIOS] I/O [1byte write] Port:1EB Value:AA
00001469232i[VBIOS] I/O [1byte read] Port:1EA Value:FF
00001470541i[VBIOS] I/O [1byte read] Port:1EB Value:FF
00001475138i[VBIOS] I/O [1byte write] Port:3E6 Value:A
00001476689i[VBIOS] I/O [1byte write] Port:1EE Value:B0
00001478123i[VBIOS] I/O [1byte write] Port:1EA Value:55
00001479530i[VBIOS] I/O [1byte write] Port:1EB Value:AA
00001480966i[VBIOS] I/O [1byte write] Port:1EA Value:AA
00001482371i[VBIOS] I/O [1byte write] Port:1EB Value:55
00001483805i[VBIOS] I/O [1byte write] Port:1EA Value:55
00001485212i[VBIOS] I/O [1byte write] Port:1EB Value:AA
00001486521i[VBIOS] I/O [1byte read] Port:1EA Value:FF
00001487830i[VBIOS] I/O [1byte read] Port:1EB Value:FF
00001492426i[VBIOS] I/O [1byte write] Port:366 Value:A
00001493947i[VBIOS] I/O [1byte write] Port:16E Value:A0
00001495380i[VBIOS] I/O [1byte write] Port:16A Value:55
00001496786i[VBIOS] I/O [1byte write] Port:16B Value:AA
00001498221i[VBIOS] I/O [1byte write] Port:16A Value:AA
00001499625i[VBIOS] I/O [1byte write] Port:16B Value:55
00001501058i[VBIOS] I/O [1byte write] Port:16A Value:55
00001502464i[VBIOS] I/O [1byte write] Port:16B Value:AA
00001503772i[VBIOS] I/O [1byte read] Port:16A Value:FF
00001505080i[VBIOS] I/O [1byte read] Port:16B Value:FF
00001509676i[VBIOS] I/O [1byte write] Port:366 Value:A
00001511226i[VBIOS] I/O [1byte write] Port:16E Value:B0
00001512659i[VBIOS] I/O [1byte write] Port:16A Value:55
00001514065i[VBIOS] I/O [1byte write] Port:16B Value:AA
00001515500i[VBIOS] I/O [1byte write] Port:16A Value:AA
00001516904i[VBIOS] I/O [1byte write] Port:16B Value:55
00001518337i[VBIOS] I/O [1byte write] Port:16A Value:55
00001519743i[VBIOS] I/O [1byte write] Port:16B Value:AA
00001521051i[VBIOS] I/O [1byte read] Port:16A Value:FF
00001522359i[VBIOS] I/O [1byte read] Port:16B Value:FF
00001529507i[VBIOS] Interrupt Number: 10h. at F000:5FBh.
00001531485i[VBIOS] Interrupt Number: 10h. at F000:5FBh.
00001535752i[VBIOS] Interrupt Number: 19h. at F000:E294h.
00001540484i[BIOS ] int13_harddisk: function 02, unmapped device for ELDL=80
00001562952i[BIOS ] Boot from Hard Disk 0 failed
00001588792i[BIOS ] CDROM boot failure code : 0002
00001608454i[BIOS ] Boot from CD-Rom failed
00001637433i[VBIOS] I/O Port Trapping Stopped. at 0:7C3Eh.
00001637451p[CPU0 ] >>PANIC<< WARNING: HLT instruction with IF=0!
00001637451i[WGUI ] dimension update x=720 y=400 fontheight=16 fontwidth=9 bpp=8
00001637451i[SYS  ] Last time is 1155181279
00001637451i[CPU0 ] real mode
00001637451i[CPU0 ] CS.d_b = 16 bit
00001637451i[CPU0 ] SS.d_b = 16 bit
00001637451i[CPU0 ] | EAX=0fffaa55  EBX=00000000  ECX=000c0001  EDX=00000000
00001637451i[CPU0 ] | ESP=0000fff8  EBP=00000000  ESI=000002a0  EDI=0000ffde
00001637451i[CPU0 ] | IOPL=0 NV UP DI NG NZ NA PE NC
00001637451i[CPU0 ] | SEG selector     base    limit G D
00001637451i[CPU0 ] | SEG sltr(index|ti|rpl)     base    limit G D
00001637451i[CPU0 ] |  CS:d000( 0000| 0|  0) 000d0000 0000ffff 0 0
00001637451i[CPU0 ] |  DS:0000( 0000| 0|  0) 00000000 0000ffff 0 0
00001637451i[CPU0 ] |  SS:0000( 0000| 0|  0) 00000000 0000ffff 0 0
00001637451i[CPU0 ] |  ES:0000( 0000| 0|  0) 00000000 0000ffff 0 0
00001637451i[CPU0 ] |  FS:d000( 0000| 0|  0) 000d0000 0000ffff 0 0
00001637451i[CPU0 ] |  GS:0000( 0000| 0|  0) 00000000 0000ffff 0 0
00001637451i[CPU0 ] | EIP=000000a2 (000000a1)
00001637451i[CPU0 ] | CR0=0x00000010 CR1=0 CR2=0x00000000
00001637451i[CPU0 ] | CR3=0x00000000 CR4=0x00000000
00001637451i[     ] restoring default signal behavior
00001637451i[CTRL ] quit_sim called with exit code 1

Bochsの挙動 のバックアップ(No.6)